use revolt_database::{ util::{permissions::DatabasePermissionQuery, reference::Reference}, voice::{sync_voice_permissions, VoiceClient}, Database, User, }; use revolt_models::v0; use revolt_permissions::{calculate_server_permissions, ChannelPermission, Override}; use revolt_result::{create_error, Result}; use rocket::{serde::json::Json, State}; /// # Set Role Permission /// /// Sets permissions for the specified role in the server. #[openapi(tag = "Server Permissions")] #[put("//permissions/", data = "", rank = 2)] pub async fn set_role_permission( db: &State, voice_client: &State, user: User, target: Reference<'_>, role_id: String, data: Json, ) -> Result> { let data = data.into_inner(); let mut server = target.as_server(db).await?; let (current_value, rank) = server .roles .get(&role_id) .map(|x| (x.permissions, x.rank)) .ok_or_else(|| create_error!(NotFound))?; let mut query = DatabasePermissionQuery::new(db, &user).server(&server); let permissions = calculate_server_permissions(&mut query).await; permissions.throw_if_lacking_channel_permission(ChannelPermission::ManagePermissions)?; // Prevent us from editing roles above us if rank <= query.get_member_rank().unwrap_or(i64::MIN) { return Err(create_error!(NotElevated)); } // Ensure we have access to grant these permissions forwards let current_value: Override = current_value.into(); permissions .throw_permission_override(current_value, &data.permissions) .await?; server .set_role_permission(db, &role_id, data.permissions.into()) .await?; for channel_id in &server.channels { let channel = Reference::from_unchecked(channel_id).as_channel(db).await?; sync_voice_permissions(db, voice_client, &channel, Some(&server), Some(&role_id)).await?; }; Ok(Json(server.into())) }